Trend Micro Q3 security report

Trend Micro has released the report “3Q 2012 SECURITY ROUNDUP - Android Under Siege: Popularity Comes at a Price”, which presents a worrying trend: malware growth of 483%. The increase includes cyber espionage malware and destructive malicious agents, mainly targeting the mobile world and in particular the Google Android platform.

Malware targeting the Android platform increased from around 30,000 malicious apps in June to almost 175,000 between July and September.

The report highlights the risks to users’ privacy. It states:

“Though most adware are designed to collect user information, a fine line exists between collecting data for simple advertising and violating one’s privacy. Because they normally collect user information for legitimate purposes, they can serve as an effective means to gather more data than some would want to give out”

The report warns of the spread of aggressive adware and of malware developed with the specific intent of gathering information without the consent of mobile users. Mobile devices have suffered more cybercriminal attacks, and the lack of awareness of cyber threats is the main reason for the success of these agents. In many cases mobile adware can be considered a business model that pays for the development of apps offered for free, but Trend Micro also identified several apps that expose users’ data such as call history and locations.

“The fact that only 20 percent of Android device owners use a security app does not help.”

David Sancho, senior threat researcher, declared:

“At the end of the day… all mobile apps are essentially web clients; therefore, they are as unsecure as a browser and that’s how you should treat them.”

“Fake versions of legitimate Android apps are the most prevalent type of Android malware. This quarter, data stealers like Solar Charge and premium service abusers like Live Wallpapers in China or fake versions of best-selling apps that spread in Russia further raised concerns about the open nature of the Android ecosystem.”

Another potential cyber threat comes from ad networks that provide in-app libraries to developers who intend to create a new application. It has been demonstrated that these libraries collect more data than developers declare and fail to alert users.

“App developers can either choose to closely examine ad libraries and ask their ad network to modify their code or rely on another ad network. We believe that the value of information stolen from users far outweighs the cost of due diligence on the side of developers and the ad networks that support them,”

Once again, one of the principal cyber threats is represented by zero-day exploits, which are impossible to detect and benefit from the latency in patch management and from users’ lack of discipline. These exploits expose organizations and private businesses to high risk; in 2011 the total number of critical vulnerabilities was 1,822.

The following graph shows that Apple is the vendor that disclosed the greatest number of vulnerabilities, but the figure doesn’t consider the related level of severity.

Trend Micro, like other security firms, revealed the increased complexity of cyber threats, which demonstrates the evolving capabilities of cybercrime.

The top three malware in the last quarter are:

ZeroAccess 929,015

DOWNAD/Conficker 604,433

Keygen 193,700

During the last quarter a meaningful increase in ZeroAccess malware was observed; it reached first place in the rankings with more than 900,000 detections.
Also worrying is the increased spread of Blackhole Exploit Kit pages, which are defined in the report as “web pages designed to try and exploit several vulnerabilities on a visitor’s computer. Once any of the exploits runs, the page serves up the end payload, usually a malware”

The report also mentions the cyber threat posed by hacking activities against organizations and private companies, which expose highly sensitive data to a serious risk of disclosure. Of particular interest is the data related to APT attacks; a singular aspect of these offensives is their adaptation to mobile platforms such as Android.

Most APT campaigns target organizations in the corporate/government sector because these handle more sensitive data than any other kind of organization.

The report closes with a dutiful reference to social networks and their improper use by the majority of internet users; we can consider them a mine for cyber criminals and hackers.

Billions of people use social media platforms daily without properly configuring their privacy settings.

The report states:

“We found that only 50% of Facebook users check their privacy settings every 2–3 months. They aren’t likely to change their settings that often though. And so survey scams live on because the payoff—getting tons of personal data from users—is something the bad guys can’t pass up on.”

In conclusion, the report, like many others, reveals the increased number of cyber threats for the private and government sectors; the major concerns are related to mobile platforms and social networks … that’s the price of popularity, and let me add that this is just the beginning!

Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group; he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field; he is a Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.